Thirty-five million South Koreans could have had their personal data exposed by hackers targeting one of the country’s social networks.
The Korean Communications Commission claims to have traced the hack on the Cyworld social networking website and the Nate web portal to IP addresses in China. Both sites are run by SK Telecom.
Mobile phone numbers, email addresses, names and other encrypted information are believed to have been stolen in what could be the country’s biggest ever cyber attack. The population of South Korea is around 49 million.
It generates income by selling ‘acorns’ to be used in Cyworld to purchase things such as virtual furniture and wall paintings.
The Nate portal provides access to web services such email.
South Korean government ministries, banks and corporations have suffered a number of attacks in recent months. State-funded bank Nonghyup suffered a network failure in April blamed on North Korea and 1.8m customers of Hyundai Capital has their personal information compromised.
The South Korean government has drawn up a new cyber-security plan in response.
China has also recently been implicated over spear-phishing attacks on the Gmail accounts of US and South Korean officials and Chinese human rights activists.
Mark Darvill, a direcor at security firm AEP said: “By any standard this is a massive attack and one of many in recent months where the finger has been pointed at hackers based in China.
“It’s too early to say whether this attack is politically motivated or merely an attempt to steal personal information for financial gain.
“However it’s now becoming increasingly difficult to differentiate between attacks on military, communications, financial, civilian or critical infrastructure targets.”
Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…
Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC
Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…
View Comments
We recently blogged about Washington's new stance that a cyber attack from a nation state will be treated as an act of war:
"Is Washington actually taking the daily/hourly/pick-your-increment hack attack seriously? Meaning not as a political expedient, but creating an environment where cyber war/crime is treated with the magnitude it merits? We sincerely hope so.
That said, if it was determined that a given breach caused harm to American treasure, then the new initiative would consider that an act of war, and rightly so. But, the attacker would have to be identified and located before any retaliation could ensue. This would require pervasive security intelligence, as we term it, or a “brain layer” over the network/s involved in the attacks."
http://blog.q1labs.com/?p=1131
Any sovereign state that determines it has been breached by another sovereign state via a cyber attack should follow Washington’s lead and treat the offense with the magnitude it merits.
John Burnham - Q1 Labs